Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9D7944DAC35111EFB1180C74C4F9AE02.roa
File: 9D7944DAC35111EFB1180C74C4F9AE02.roa (raw, json)
Hash identifier: NrZBPo0U+2j2q3JF2eNMeaKV5uO3jsB36bH/SCMXZvw=
Subject key identifier: 6E:B0:43:BD:E4:BB:BA:B5:37:C5:02:40:3A:F7:DD:6B:A0:05:A2:4E
Certificate issuer: /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial: 0CDC
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9D7944DAC35111EFB1180C74C4F9AE02.roa
Signing time: Tue 31 Dec 2024 10:41:30 +0000
ROA not before: Tue 31 Dec 2024 10:41:30 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 138241
IP address blocks: 139.190.0.0/19 maxlen: 24
139.190.32.0/21 maxlen: 24
139.190.40.0/24 maxlen: 24
139.190.41.0/24 maxlen: 24
139.190.42.0/24 maxlen: 24
139.190.43.0/24 maxlen: 24
139.190.44.0/24 maxlen: 24
139.190.45.0/24 maxlen: 24
139.190.46.0/24 maxlen: 24
139.190.47.0/24 maxlen: 24
139.190.48.0/22 maxlen: 24
139.190.52.0/22 maxlen: 24
139.190.56.0/22 maxlen: 24
139.190.60.0/24 maxlen: 24
139.190.61.0/24 maxlen: 24
139.190.62.0/24 maxlen: 24
139.190.63.0/24 maxlen: 24
139.190.68.0/22 maxlen: 24
139.190.80.0/21 maxlen: 24
139.190.88.0/21 maxlen: 21
139.190.124.0/22 maxlen: 24
139.190.235.0/24 maxlen: 24
139.190.238.0/24 maxlen: 24
139.190.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 07:30:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3292 (0xcdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E6134
Validity
Not Before: Dec 31 10:41:30 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=6773ca5a-d35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:30:5b:f9:20:f3:c3:bd:20:ba:5a:49:9c:
84:af:47:81:46:9c:c9:84:32:40:e2:40:d2:40:4b:
01:8e:c2:cf:46:75:21:dd:ee:7b:9e:f5:6d:ab:1a:
4a:ab:39:00:60:3f:45:c7:59:49:9e:0f:4d:ab:d4:
1b:ef:fc:38:ea:f8:2b:76:68:25:c6:96:40:fc:9d:
b5:11:60:37:58:8c:ac:d6:dd:cd:2b:da:c5:15:fa:
b1:c5:ac:67:61:72:1a:34:40:e6:e5:ad:4e:a1:2a:
aa:a6:d8:33:07:01:40:de:1a:78:38:32:af:1e:b7:
36:f3:55:c9:d4:3e:04:a1:f7:69:f8:f6:62:3e:17:
40:b1:55:55:4b:2c:b3:8b:60:34:0d:a7:7c:f2:2c:
7e:b4:f6:7b:9e:89:f8:37:22:88:3f:4e:3a:60:51:
5a:0e:d0:0e:0b:85:44:bd:65:c5:c6:32:e6:cf:63:
d7:67:11:85:b5:d2:2b:40:66:5c:46:e6:a9:78:2f:
22:77:24:8b:44:b2:c0:b5:c7:8c:d0:70:74:7b:ee:
47:9b:f8:ef:2d:74:ef:b6:02:85:9c:85:b7:6d:44:
5a:8f:c8:37:81:da:59:af:fc:8f:9c:9a:14:99:d8:
d4:24:77:b4:ba:b1:cc:66:70:13:51:5c:b0:72:08:
7b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B0:43:BD:E4:BB:BA:B5:37:C5:02:40:3A:F7:DD:6B:A0:05:A2:4E
X509v3 Authority Key Identifier:
keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/9D7944DAC35111EFB1180C74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
139.190.0.0/18
139.190.68.0/22
139.190.80.0/20
139.190.124.0/22
139.190.235.0/24
139.190.238.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:3e:39:12:80:81:79:21:eb:30:1c:5d:0d:0a:66:27:9c:39:
e3:38:eb:e2:53:3a:ac:55:45:25:b2:b4:d6:a7:ad:db:21:f8:
8a:a6:4d:c9:56:41:d0:ed:78:74:d5:bb:d0:00:68:37:37:ba:
f2:18:0e:10:32:c7:e2:f7:2e:81:b6:5b:f6:18:d9:57:08:7c:
84:f2:64:a5:a3:d3:76:fd:73:12:b3:c9:eb:3b:c0:f0:23:3a:
40:23:fe:e1:55:0b:f3:a0:28:40:54:78:51:45:26:51:17:8b:
17:87:8d:21:ec:61:80:96:eb:91:73:e9:9b:17:63:ba:d6:b3:
11:95:19:43:1c:46:36:dc:70:b4:80:7c:b7:40:6e:42:e2:88:
2b:38:7b:23:64:62:03:06:aa:5f:f5:7a:1a:67:71:94:9a:9c:
ec:27:05:80:7d:4c:43:7c:49:0d:fb:da:bb:49:14:ff:44:43:
94:1c:4f:66:41:ea:bd:05:cb:10:a0:70:a2:97:45:83:ee:93:
78:c0:8d:a7:e9:24:4f:8e:7e:1f:2e:2b:0f:27:7a:d8:c5:72:
ba:69:6f:31:75:f2:d3:0d:98:47:d1:0c:44:e7:6f:ce:cb:a8:
28:08:97:bc:70:81:2a:ac:0a:0b:89:85:11:a6:e8:86:1f:c3:
91:2c:50:85
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICDNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjQxMjMxMTA0MTMwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczY2E1YS1kMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAre8wW/kg88O9ILpaSZyEr0eBRpzJhDJA4kDSQEsBjsLPRnUh3e57nvVtqxpK
qzkAYD9Fx1lJng9Nq9Qb7/w46vgrdmglxpZA/J21EWA3WIys1t3NK9rFFfqxxaxn
YXIaNEDm5a1OoSqqptgzBwFA3hp4ODKvHrc281XJ1D4Eofdp+PZiPhdAsVVVSyyz
i2A0Dad88ix+tPZ7non4NyKIP046YFFaDtAOC4VEvWXFxjLmz2PXZxGFtdIrQGZc
RuapeC8idySLRLLAtceM0HB0e+5Hm/jvLXTvtgKFnIW3bURaj8g3gdpZr/yPnJoU
mdjUJHe0urHMZnATUVywcgh7VwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFG6wQ73k
u7q1N8UCQDr33WugBaJOMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvOUQ3OTQ0REFD
MzUxMTFFRkIxMTgwQzc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAaLvgADBAKLvkQDBASLvlADBAKLvnwDBACLvusDBAGLvu4w
DQYJKoZIhvcNAQELBQADggEBAKw+ORKAgXkh6zAcXQ0KZiecOeM46+JTOqxVRSWy
tNanrdsh+IqmTclWQdDteHTVu9AAaDc3uvIYDhAyx+L3LoG2W/YY2VcIfITyZKWj
03b9cxKzyes7wPAjOkAj/uFVC/OgKEBUeFFFJlEXixeHjSHsYYCW65Fz6ZsXY7rW
sxGVGUMcRjbccLSAfLdAbkLiiCs4eyNkYgMGql/1ehpncZSanOwnBYB9TEN8SQ37
2rtJFP9EQ5QcT2ZB6r0FyxCgcKKXRYPuk3jAjafpJE+Ofh8uKw8netjFcrppbzF1
8tMNmEfRDETnb87LqCgIl7xwgSqsCguJhRGm6IYfw5EsUIU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:36:48 2025 by rpki-client